Original post is from April, but there is an update at the bottom from June:
> Got a call from Apple after 2 months. They have decided that iDOS is not a retro game console, so the new rule is not applicable. They suggested I make changes and resubmit for review, but when I asked what changes I should make to be compliant, they had no idea, nor when I asked what a retro game console is.
I understand why you would believe this, but Apple currently refuses to notarize UTM for distribution outside of the App Store via Notarization under rule 2.5.2:
> UTM also noted that Apple is barring UTM SE from being notarized for third-party app stores because the app apparently violated guideline 2.5.2. That rule states that apps have to be self-contained and can’t execute code “which introduces or changes features or functionality of the app, including other apps.” [0]
While the DMA may eventually force Apple to slide on this rule, currently it doesn't actually solve the problem at-hand.
> While the DMA may eventually force Apple to slide on this rule, currently it doesn't actually solve the problem at-hand.
People keep saying stuff like this about the DMA and it's very confusing to me. Of course Apple can choose to break the law, but there are consequences for that. It doesn't mean the law is ineffective just because investigation and enforcement is not instantaneous.
a-Shell – runs WASI binaries (via Apple's native out-of-process runtime, so it even gets to JIT, I believe!) and comes with a C compiler, as well as Python: https://apps.apple.com/us/app/a-shell/id1473805438
But yeah, sure these are all somehow self-contained in a way that a DOS emulator can't possibly be in a way only App Store reviewers are enlightened enough to grasp.
Apple has been well known to be absolutely obtuse, random, and not reliable when it comes to approvals for over 12 years now[1], at least unless you're a big company and can hound someone in upper management about it.
It's a good reason why, for a lot of people, claims about Apple walled garden being such a privacy and security boon fall flat[2].
For all purposes, it's as capricious as other companies inscrutable "AI" systems.
[1] Back in 2011, when I tried my hand at the startup roulette, I remember meeting companies which due to bad experience decided that Apple market is not worth possibility of going bankrupt because approvals might suddenly get denied so late in the process to kill the project
[2] I remember how, before MS started submitting their own applications to AppStore/MAS, searching for certain microsoft products like a naive user got you a ton of scams that might be threading the needle on Apple rules - but not on intent.
React native. the code of the app is in javascript, and so updates can be downloaded dynamically by the app itself, without the need to submit another version to the app store
Let's hope it forces their hand. Either way, it shows that there is room for improvement to the DMA language to prohibit that type of behavior explicitly, which other countries could address in their DMA versions.
I could sort of see the justification for requiring notarization giving Apple a kill switch to shutdown malware. But if it's just turning into another kind of app review then we can't really say the Mac is still an open platform.
Notarization is not a reasonable implemetation of a malware kill switch. All you'd need for that is an Apple-published list of known-bad app ids that the OS could check itself against periodically. No, notarization is a control mechanism to impede the creation and distribution of any non-Apple-approved apps.
App IDs don't really work for this purpose if Apple aren't in control of generating them, nothing is stopping a malware vendor from literally never reusing app IDs. Notarization is a reasonable implementation, and it can even require some form of developer identification, it just can't be very deep identification, an e-mail address is enough (along with IP and other metadata gathered during the process). That way they can disable all apps signed by one developer, and can more quickly react to malicious actors, without it becoming a problem for normal users.
> nothing is stopping a malware vendor from literally never reusing app IDs.
Or form using the ID of another vendor.
> and it can even require some form of developer identification, it just can't be very deep identification, an e-mail address is enough (along with IP and other metadata gathered during the process).
I expect the typical malware writer will easily find a way to have a unique “e-mail address (along with IP and other metadata gathered during the process)”.
Because of that, “That way they can disable all apps signed by one developer” will not be possible.
Indeed, the entire app store review is just a facade for Apple's market grabbing practices. I'm more than happy the EU is taking steps to address this.
I really wish folks in the US would step back for a second and stop defending the corporation with "end to end" control of their life.
Yeah, it's crazy there's no other options, like a platform that openly allows sideloading. Its terrible that were all forced to buy Apple products, especially when this behavior from them is just so surprising.
> Apple Intelligence - points you to Apple Music or Apple Maps as a response to your query? Illegal.
There's a very trivial solution here that Apple already applies to password managers and Android applies to a bunch of things: allow the user to pick a Music and a Maps app.
Does the DMA mandate that they actually implement extra apps/features, or just provide the API surface for others to do so? Like, just to pick the first one on your list - any reason they can't just let it point at an arbitrary app that's tagged as providing music (and, I presume, that implements some standard API to query songs or w/e). Does the law really want Apple to integrate with ex. Spotify, or just make it possible for Spotify to integrate the same way as Apple's own music app?
That's fine. If they can't implement features in a way that doesn't stifle competition or create vendor lock-in, then they don't get to implement those features. I think that's a totally reasonable consequence of the DMA, if true.
DMA doesn't block Apple from making any of those features. It just makes it illegal for Apple to block others from implementing the same/similar features.
If Apple can't make those features interoperable, then they shouldn't exist at all. With Apple's size and access to development resources, there is absolutely no excuse for them other than greed.
So you’re okay with a feature not existing for customers who want because the government deigns that they shouldn’t have it? You really want the government taking away your agency to make your own choices?
1. Every law has the spirit of the law. Otherwise you wouldn't need courts to interpret laws, and no law would ever be made because it would have to describe every single permutation of every single possible human endeavour
2. Fines are capped at high numbers. It doesn't mean you will be immediately slapped with one. Stop perpetuating this bullshit. The law says up to, not just this fine and that's it.
EU especially doesn't like fining companies. The usual process in the EU is "please fix this -> please fix that -> minor fine -> greater fine if persisting in breaking the law -> even greater fine -> ..."
None of these seem like they're impossible for a company the size of Apple to provide open APIs for. They have even already hinted at that for Apple Intelligence!
Siri has supported playing music on apps other than just Apple Music for a while now too (after taking their time with it for obvious reasons, which I found infuriating as a Spotify user).
Apple seriously needs to make all internal coms about rejecting apps public to the person being rejected. I do mean all this way, when people blog about it, there's no more ambiguity and it can be assessed. Also, you can see if they're rejecting it for something they already approved of prior. It feels like some people doing the reviews dont look at prior history at all. Maybe they dont even get access to it, or maybe they dont want to do it. Let the applicant see their entire history, let them better clarify.
This type of chest beating principal lacks nuance, there are certainly reasons why a reasonable person would agree it is in Apple (or any marketplace operator) not to share rationale directly with the creator. The easiest example would be comms indicating that Apple is detecting malicious behaviors (spam, fraud, abuse, etc) in the app. Disclosing information what can (and implicitly what cannot be detected) is self defeating. There are literally hundreds of reasonable variations in these situations.
I think what is effective is that all violations where the creator is working in good faith to abide by guidelines should be treated with reasonable transparency about how the conclusion Apple came to was reached. What fraction of Apple devs are working in good faith? Obviously the vast majority. So therefore most rejections should have clear rationale.
I mean, even a court doesn't publish all the deliberation that goes into arriving at a decision. They prepare a final verdict and deliver it–while it would be interesting to see, we have reasons we don't post things like "juror 2 thinks what you did was barely legal".
Courts at least try to justify these decisions with supporting documents, evidence, and links to precedent. Apple just rejects, or approves, or approves and rejects and often cannot say why.
Sure. But I don't think them showing their internal discussions would help solve the problem here, because their internal discussion is likely to be inconsistent and poorly documented.
> The easiest example would be comms indicating that Apple is detecting malicious behaviors (spam, fraud, abuse, etc) in the app. Disclosing information what can (and implicitly what cannot be detected) is self defeating.
So what, in a proper court of law all evidence has to be put up for review so that the court can make a proper decision, even if just on technicalities. In Germany, for example, you can get speeding tickets thrown out if you can show that the cops have put their radar in a wrong angle towards the street. Drug dealing trials have to leave out evidence if the accused cannot reasonably challenge them [1].
Now compare that to Apple, which in being the ultimate gatekeeper for access to the App Store for iOS and its iPad/Watch equivalents, currently acts as lawmaker, police, DA, judge and court enforcer at once, and its actions are directly affecting the livelihood of anyone wanting to publish an app on the App Stores - anyone from small indie developers to multibillion international conglomerates, and yes, sometimes spammers, scammers, fraudsters and other kinds of criminals.
And just like in the "real" world, it should not be one company all on its own who has that kind of power. Hence the EU got fed up and installed the Digital Markets Act.
Post-2008, globally important financial institutions are required to submit private, internal risk reports to regulators. It would not always be prudent to make this information public, but it makes good sense for regulators to see it -- privately.
It seems like if we want to have "fair" duopoly app stores (Apple and Android), then we need a regulator who is fully embedded and integrated into the process, but can view all details of the decision, including ones that should legitimately stay private (security, etc.). To be clear, the regulator needs to have the final say on what will be private and not. Also, the regulator needs to be involved in the appeals process.
That said, I still think we need to allow multiple app stores on each platform. Meta is large enough to do it. Yeah, I know, that will get no love here. And, unfortunately, it probably means lower security for unsophisticated end-users.
> It should be illegal for them to prohibit an app on their store and alternative distribution. Triply so if it at all competes with them.
My very amateur reading of https://news.ycombinator.com/item?id=40773883 is that it probably literally is (edit: in the EU, to be clear). It'll be interesting to see how that plays out.
I have the same weird Apple review experience a couple of years ago too. Sorry for hijacking this post. But every year Apple is just throwing random rejections with our app.
Careful now, or you might just get Safari banned by the App Store reviewers...
Kidding aside, PWAs (also almost killed by Apple in their furious stomping on the ground after the DMA getting passed) used to be the canonical way to get around many App Store limitations in the past. There were quite a few emulators available for it, as well as game streaming clients for things like Stadia.
> Safari on iOS has no issues emulating DOS games, other than the UI, I am surprised someone has not just wrapped a WebView in a console-esque UI.
There's a-Shell, which does something similar, but for WASI as a runtime target instead of DOS.
But to Apple, it usually doesn't even matter how something is accomplished if they don't like the outcome. If they say that "DOS is not a retro console" (what does that even mean!?), they won't allow it in any form. (Sometimes they do care about the how; can't have third-party browser engines, for example.)
Apple seems to be really afraid that if they give people the ability to emulate an old computer on an iPad, they'll just install Windows 98 on there and stop using iOS nearly as much.
Submitting apps to the App Store is one of the more frustrating things in life. Reviewers are lazy, random and don’t do any homework. You roll a dice and hope you don’t have any issues. Couple that with a bloated Xcode that still hasn’t learned anything from VS Code, long compile times, long processing times, bullshit compliance checkboxes and the time-consuming filling out of information of what your app is all about. Oh, and you can do the same again for Google’s Play Store!
What’s needed is for regulators to step in. Create an independent government-run tribunal to which app store review decisions can be appealed by the developers, and legally mandate Apple/Google/etc to obey its rulings. Maybe the EU will do it.
If the EU mandated it other jurisdictions would likely follow. Even if they didn’t, you’d likely just be able to incorporate an EU subsidiary, then resubmit the app in the subsidiary’s name, and then lodge the appeal in its name if the submission still gets rejected.
Allowing government bureaucrats to oversee the app store review process seems like quite possibly the only single thing that could make it even slower, more frustrating, and more arbitrary than it is now.
> Allowing government bureaucrats to oversee the app store review process seems like quite possibly the only single thing that could make it even slower,
How could it possibly make the review process slower? Such a tribunal would have zero role to play in reviewing the app. It only steps in if the developer wishes to appeal a review rejection. At which point it is reviewing, not the app itself, but rather the reasonableness of the review process which lead to the rejection of that particular app.
Also, I wouldn’t suggest government bureaucrats as appointees. My uncle, who is a lawyer, used to sit on one of these government tribunals in Australia (not reviewing app store rejections, reviewing rejections of applications for refugee status). He was not a bureaucrat and nor were any of the other appointees. The government advertised for lawyers in private practice to apply for appointment to the tribunal, and he applied, and he was appointed. His background was in criminal defence not government bureaucracy. And it was a part-time role, so he was still carrying on his private criminal defence practice while he sat on it. It is considered a quasi-judicial role (not technically a judge and not having the same prestige or qualifications or privileges as a judge, but performing some of the same functions)
I live in Canada where there are Ombudspeople and tribunals for many dispute resolution processes. Getting them involved usually lights a fire under a company's ass in my experience.
it is far preferable to hashing everything out in court (or not, if you aren't swimming in cash).
I wish the lawmakers would just step in and regulate gatekeeping on devices, rather than reviewing every dispute. I would be perfectly happy with the same model they use on my macbook for unapproved binaries. If I download a non-approved app, just let me know that it is donwloaded from the internet/not approved safe by Apple, and let me run it if I so choose.
Australia also has a consumer protection bureau. It does exactly the same when you complain -- lights a fire under the ass of the maker. There are so many posts from Ozzies here about being "saved" by that bureau from a bad product.
Australia does have relatively strong consumer protection laws. There is both a federal agency that does consumer protection and competition law (the ACCC, roughly equivalent to the US FTC) and also each state has an agency (my state’s is called Fair Trading NSW)
> There are so many posts from Ozzies
Random aside, I’d never thought about it before but it’s true - as someone pointed out on the Assange post, we Australians generally don’t call ourselves “Ozzies”, nowadays the standard spelling is “Aussies”
HN. Very free market. Except Apple. The cognitive dissonance, and entitlement is crazy.
Even funnier after years of "Apple knows best". God forbid anyone buy an Android phone. No, apparently folks would rather force their abuser to be slightly nicer and then stay in that toxic relationship.
Doesn't Xcode use Clang for Objective-C and Swift? I find it hard to believe the code is so bloated. LLVM/Clang and GNU GCC are neck-in-neck for code size and speed. The rest of your comment is fine. I'm sorry about your experience.
Heh, try the process for getting a dev kit from Nintendo. Or going through the lotcheck process for actually publishing/updating.
I made an app for the Wii U. There were multiple times before putting it on the store that my app was rejected for one thing, and then the next time I submitted it they rejected it because they wanted it the way I originally had it.
The app did decently well, so I thought I’d make a sequel for the Switch. I spent a month or two on enough of a prototype to show them and had my request for a dev kit flat out rejected multiple times, with absolutely no reason given. Not a single freaking word. I gave up.
Google Play Store review might actually be worse now. It's certainly slower. It's great that you can sideload at least on Android although making money off a sideloaded Android app is very challenging to say the least.
That said, I am left wondering why more major software publishers don't have the option to sideload Android apps. (It was a while since I looked into it, since I mostly use open source apps these days, but it seemed as though most companies were switching to a Google Play Store only route a few years back even though they had the brand recognition to bypass Google's store altogether. The only thing I can think of are support costs, since few people would know how to enable the ability to load apps from other sources.)
Is that really the case? Why wouldn't you be able to? The FCM APIs aren't gated by install method; I've successfully used them while sideloading my own self-written, unpublished apps.
It seems like their issue is that DOS is available for use, underneath everything. I wonder if they'd apply the same restrictions to, say, a Commodore 64 or Apple II emulator that provides BASIC access?
Apple gets a lot of flack for making iOS a closed system and I genuinely believe that the decisions they make are what they believe are in the public good.
...except for App Store reviews, which are frequently irrational, contradictory, and kafkaesque. (Automatically denied because the app shared the name with a version disallowed under the previous policy? Then denied because they had tried too many times? This is all absurd.)
Apple seriously needs to do a complete reset and reevaluation of how the App Store review system works, because the unfairness and absurdity of it all is tarnishing the reputation of everything else they do.
> I genuinely believe that the decisions they make are what they believe are in the public good.
Yes, because users would much rather make purchases outside apps like Kindle because of Apple’s revenue cut. Apple is such a great company that it’s inconceivable they’d ever to protect their own interests and stifle competition.
> I genuinely believe that the decisions they make are what they believe are in the public good
Time and time again leaked emails show the decisions they make are what they believe are in the interest of money. They have some "do good" ideas, but they don't represent the interests of any public body of people, nor is it their main interest.
If they did, their products would be designed around repairability, for one. And the way they steer general computing into whatever restrictions make them more money (when they could just make general computers like they used to) is definitely not in the interests of the public.
All in all, I don't have a problem with Apple. It's a company, it serves its own investors' needs. It functions very well in the capitalistic system — very successful. But the idea that they, all in all, make decisions for the best of the public is contrived and reaching.
Often enough, Apple's and consumers' selfish interests overlap. That's ok, they're not a nonprofit organization, and this type of win-win is a great example of capitalism working out well!
But I'd never mistake that for altruism or "taking decisions in the public good". They're a for-profit corporation, and these sometimes have the unfortunate habit of turning to rent seeking to keep supporting the profits expected of them even in the face of changing market realities. That's why we have regulators.
> I genuinely believe that the decisions they make are what they believe are in the public good.
The decisions they make are in service to their revenue and market share numbers. If marketing their decisions as "for the public good" helps those, then that's what they do.
That's not always a bad thing! Sometimes the interests of a capitalist corporation actually aligns with the interests of its customers. The problem is that the link isn't always there, and things can change for the worse for arbitrary reasons.
Because you risk getting punished for the arbitrary back and forth crap that might not get you banned completely if you hear give in to seemingly random whims and how much the reviewer feels like looking through your app that day. As an Android developer that works with iOS devs it's frustrating that the problems that crop up on their side are becoming more common in Play store reviews now too
Being excluded from the store doesn't mean your code cannot run. It just means people have to want to jump over more hoops to run it. Ultimately, it might mean $99 for a developer account, Xcode, and signing your own binary. Contract law covers how you get the code to compile.
I only say this because there is no sense in pretending this is an absolutist position, that Apple has forbade their CPUs from executing instructions in sequence to the effect this or any other rejected app direct: what they stopped is making it transactionally easy, or chargeable under their model of revenue flow.
This app was also rejected from EU alternative app stores (which is illegal BTW), so the only way to get it would be something like the classic AltStore, which requires a real computer, and allows only three apps to be installed, and the apps expire every 7 days. https://faq.altstore.io/how-to-use-altstore/your-altstore
> Got a call from Apple after 2 months. They have decided that iDOS is not a retro game console, so the new rule is not applicable. They suggested I make changes and resubmit for review, but when I asked what changes I should make to be compliant, they had no idea, nor when I asked what a retro game console is.
We need a DMA over here yesterday.